Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A6A88697A11F182B371C9CE1D38B0.roa
File: D06A6A88697A11F182B371C9CE1D38B0.roa (raw, json)
Hash identifier: iukpBQkzskQs4ZBWL3Igo5cWzS6iNhb6FpKqII0bTB8=
Subject key identifier: AB:58:2F:F3:90:78:7D:CF:72:7C:10:49:E5:08:10:9F:1D:86:F9:16
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01D332
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A6A88697A11F182B371C9CE1D38B0.roa
Signing time: Tue 16 Jun 2026 11:59:23 +0000
ROA not before: Tue 16 Jun 2026 11:59:18 +0000
ROA not after: Thu 16 Jul 2026 11:59:18 +0000
asID: 401696
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 25 Jun 2026 14:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119602 (0x1d332)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 16 11:59:18 2026 GMT
Not After : Jul 16 11:59:18 2026 GMT
Subject: CN=6a313a9b-0c57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:75:b5:5e:85:66:9f:de:b5:b3:e4:7d:85:8f:
11:c8:10:0b:f1:ad:42:06:51:20:1a:3a:d9:14:9f:
9e:e9:5a:3e:68:41:d2:dc:26:4c:5f:99:68:9d:1d:
d2:05:0e:27:42:d7:b3:95:c1:b5:9d:aa:83:7d:ae:
4d:d3:b2:4d:2a:31:d3:49:01:c5:89:91:3b:a9:e2:
4c:f8:5f:01:38:65:85:15:d3:a2:26:c8:30:7c:42:
64:61:54:c1:4c:9d:6e:7e:ba:f3:2b:45:4c:e7:05:
29:26:6e:75:c3:33:67:39:a2:4e:e7:89:df:db:1a:
3b:8d:fb:a6:92:78:9e:b0:a6:c5:74:9d:d4:14:0e:
8c:23:f6:f2:fe:4b:b1:dd:7b:c7:bd:c5:c2:2b:23:
40:ff:53:a4:0c:42:7c:7f:7b:fb:91:5a:6f:9f:93:
f7:a2:23:96:48:79:76:17:e3:e8:ad:65:65:b3:b8:
56:a0:85:f9:2c:23:71:d5:24:9e:ef:23:df:88:1d:
4e:ac:69:e3:cc:c0:92:a4:58:b3:49:ff:ef:a3:f9:
35:e0:d3:2b:71:8a:4e:13:77:f3:f2:b8:d1:0e:7b:
71:47:40:ed:5b:c6:6a:4b:60:62:76:f9:e9:20:33:
a2:c7:22:a3:eb:b5:2e:55:2b:65:7b:22:b8:58:b3:
38:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:58:2F:F3:90:78:7D:CF:72:7C:10:49:E5:08:10:9F:1D:86:F9:16
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/D06A6A88697A11F182B371C9CE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
bf:d4:f8:77:56:e0:0e:49:2e:6e:ff:3f:c8:c0:5e:48:a2:45:
b6:99:ef:d8:42:69:7c:60:7b:af:90:c3:15:63:98:67:c5:cc:
0c:67:67:e1:3b:bf:e1:c3:16:27:87:4c:c9:8e:ba:c0:eb:6d:
b3:76:26:6d:b0:c0:e6:9f:f3:50:a5:ba:23:1e:08:2d:a3:ce:
65:88:d5:17:7a:b2:74:eb:86:b0:44:f0:3c:3c:2a:33:83:b2:
1f:05:ba:56:74:bc:99:99:79:74:9e:a3:a8:ad:dd:08:83:63:
5b:02:90:ae:4d:90:5e:75:b3:32:ea:0b:cf:10:bc:7f:7d:2e:
2a:3d:7d:9f:15:2a:d9:13:07:6f:86:9b:00:5f:6d:4a:99:b8:
d1:cc:66:d8:8f:e4:c5:b6:b9:9f:21:6d:d0:ed:07:5f:93:c0:
2a:c8:01:1f:33:fa:bc:b9:39:b1:83:02:b2:20:b4:d7:81:c3:
7c:0f:37:e0:fe:fe:81:33:bc:fd:0d:04:3e:8c:cb:55:e3:02:
7d:82:81:66:de:6d:c1:cc:c4:0b:b6:66:42:38:a4:18:58:e5:
ef:0f:57:ee:19:be:2d:fd:41:d1:77:73:a4:03:1b:26:d2:17:
03:16:a5:9f:44:83:03:f9:73:3f:e8:1d:38:47:e2:47:0c:c6:
60:e3:f0:6c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAdMyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNjE2MTE1OTE4WhcNMjYwNzE2MTE1OTE4WjAYMRYw
FAYDVQQDEw02YTMxM2E5Yi0wYzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxXW1XoVmn961s+R9hY8RyBAL8a1CBlEgGjrZFJ+e6Vo+aEHS3CZMX5lo
nR3SBQ4nQtezlcG1naqDfa5N07JNKjHTSQHFiZE7qeJM+F8BOGWFFdOiJsgwfEJk
YVTBTJ1ufrrzK0VM5wUpJm51wzNnOaJO54nf2xo7jfumkniesKbFdJ3UFA6MI/by
/kux3XvHvcXCKyNA/1OkDEJ8f3v7kVpvn5P3oiOWSHl2F+PorWVls7hWoIX5LCNx
1SSe7yPfiB1OrGnjzMCSpFizSf/vo/k14NMrcYpOE3fz8rjRDntxR0DtW8ZqS2Bi
dvnpIDOixyKj67UuVStleyK4WLM4kwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKtY
L/OQeH3PcnwQSeUIEJ8dhvkWMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9EMDZBNkE4ODY5N0ExMUYxODJCMzcxQzlDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQC/1Ph3VuAOSS5u/z/IwF5IokW2me/YQml8YHuvkMMVY5hnxcwMZ2fh
O7/hwxYnh0zJjrrA622zdiZtsMDmn/NQpbojHggto85liNUXerJ064awRPA8PCoz
g7IfBbpWdLyZmXl0nqOord0Ig2NbApCuTZBedbMy6gvPELx/fS4qPX2fFSrZEwdv
hpsAX21KmbjRzGbYj+TFtrmfIW3Q7Qdfk8AqyAEfM/q8uTmxgwKyILTXgcN8Dzfg
/v6BM7z9DQQ+jMtV4wJ9goFm3m3BzMQLtmZCOKQYWOXvD1fuGb4t/UHRd3OkAxsm
0hcDFqWfRIMD+XM/6B04R+JHDMZg4/Bs
-----END CERTIFICATE-----
Generated at Tue Jun 23 21:53:53 2026 by rpki-client